EMT Practice Test

1. Question Content...


Question List

Question1: The maturity level of an organization s problem management support function is optimized when the function

Question2: An organization has recently incorporated robotic process automation (RPA) Which of the following should be of GREATEST concern to an IS auditor?

Question3: Which of the following tools is MOST helpful in estimating budgets for tasks within a large IT business application project?

Question4: Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?

Question5: Which of the following Is the MOST effective way for an IS auditor to evaluate whether an organization is well positioned to defend against an advanced persistent threat (APT)?

Question6: To confirm integrity for a hashed message, the receiver should use

Question7: Which of the following is the BEST indication of control maturity in an organization's systems development and implementation processes?

Question8: An IS auditor discovers trial a security information and event management (SIEM) system is not monitored outside of business hours. Which of the following is the auditors BEST course of action?

Question9: Following a security breach, an IS auditor finds an organization's transport layer security (TLS) certificate is compromised. Which of the following would be the auditor's BEST recommendation to the system administrator?

Question10: Which of the following is MOST important to consider when determining the nature and extent of audit follow-up activities?

Question11: Which of the following is MOST important with regard to an application development acceptance test?

Question12: An organization is considering replacing physical backup tapes stored offsite with real-time on-line backup to a storage area network (SAN) located in the primary data center. Which of the following is the GREATEST risk?

Question13: Which of the following roles is BEST suited to determine information classification?

Question14: An organization shares some of its customers' personally Identifiable Information (PH) with third-party suppliers for business purposes. What is MOST important for the IS auditor to evaluate to ensure that risk associated with leakage of privacy-related data during transmission is effectively managed?

Question15: What is the MOST critical finding when reviewing an organization's information security management?

Question16: Which of the following should be established FIRST when initiating a control sell-assessment (CSA> program in a small organization?

Question17: An organization wants to classify database tables according to its data classification scheme. From an IS Auditor's perspective, the tables should be classified based on the:

Question18: An organization transmits large amount of data from one internal system to another. The IS auditor is reviewing quality of the data at the originating point. Which of the following should the auditor verify first?

Question19: Which of the following is an analytical review procedure for a payroll system?

Question20: An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which of the following should the auditor do FIRST?

Question21: The MAIN benefit of using an Integrated test facility (ITF) as an online auditing technique Is that it enables

Question22: Which of the following is the GREATEST benefit of implementing an IT governance strategy within an organization?

Question23: When evaluating an organization's information security program, what would be an IS auditor's BEST recommendation to help ensure there are no rogue wireless devices on the network?

Question24: The PRIMARY objective of parallel testing an application is to confirm that:

Question25: An IS auditor identified hard-coded credentials within the source code of recently developed software when evaluating its readiness for implementation. Which of following would be the auditor's BEST recommendation?

Question26: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

Question27: Which of the following would provide the BEST evidence for use in a forensic investigation of an employee's hard drive?

Question28: Which of the following is the PRIMARY benefit of conducting control self-assessments (CSAs)

Question29: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?

Question30: Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

Question31: Which of the following controls would BEST enable IT management: to detect shadow IT within the organization?

Question32: An organization experienced a domain name system (DNS) attack caused by default user accounts not being removed from one of the servers. Which of the following would have been the BEST way to mitigate the risk of this DNS attack1?

Question33: An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code What is the auditor's BEST recommendation for the organization?

Question34: Which of the following is the PRIMARY concern if a business continuity plan (BCP) is not based on a business impact analysis (BIA)?

Question35: Which of the following is a prerequisite to help ensure that IS hardware and software support the delivery of mission-critical functions?

Question36: An effective implementation of security roles and responsibilities is BEST evidenced across an enterprise when:

Question37: Which of the following controls will BEST ensure that the board of directors receives sufficient information about IT?

Question38: While reviewing an independent audit report of a service provider, an IS auditor notes that the report includes a reference to a vice organization that provides data center hosting services. Which of the following is the MOST efficient way for the auditor assess the data center's physical access controls?

Question39: The results of a feasibility study for acquiring a new system should provide management with a clear understanding of:

Question40: What should be the PRIMARY basis for scheduling a follow-up audit?

Question41: For a company that outsources payroll processing, which of the following is the BEST way to ensure that only authorized employees are paid?

Question42: During a network security review the system log indicates an unusually high number of unsuccessful login attempts Which of the following sampling techniques is MOST appropriate for selecting a sample of user IDs for further investigation?

Question43: In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:

Question44: Which of the following backup methods is MOST appropriate when storage space is limited?

Question45: Which of the following would be an IS auditors GREATEST concern when reviewing elements of an insider threat program?

Question46: During development of an information security policy, which of the following would BEST ensure alignment to business objectives?

Question47: An IS auditor determines that an online retailer processing credit card information does not have a data classification process. The auditor's NEXT step should be

Question48: Following an acquisition, it was decided that legacy applications subject to compliance requirements will continue to be used until they can be phased out. The IS auditor needs to determine where there are control redundancies and where gaps may exist. Which of the following activities would be MOST helpful in making this determination?

Question49: The PRIMARY purpose of conducting a test of an alternate site as part of a disaster recovery program is to

Question50: An IS auditor concludes that a local area network's (LAN's) access security is satisfactory. In reviewing the work, the audit manager should:

Question51: An organization has outsourced its help desk services. Which of the following would be MOST useful in evaluating the quality of the service provider?

Question52: Which of the following is the PRIMARY advantage of using an automated security log monitoring tool over a manual review to monitor the use

Question53: Which of the following control? MOST efficiently ensures that orders transmitted from a sales office to a production warehouse are received accurately and completely?

Question54: Which of the following is the BEST source of information when assessing the amount of time a project will take?

Question55: When designing metrics for information security, the MOST important consideration is that the metrics:

Question56: During a vulnerability assessment, an IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer orders via credit card. The IS auditor could FIRST:

Question57: Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?

Question58: An organization is designing an application programming interface (API) for business-to-business data sharing with a vendor. Which of the following is the BEST way to reduce the potential risk of data leakage?

Question59: Which of the following is the BEST way to mitigate the risk associated with technology obsolescence?

Question60: During a software acquision review, an IS auditor should recommend that there be a software escrow agreement when:

Question61: Which of the following audit procedures would provide the BEST assurance that an application program is functioning as designed?

Question62: Which of the following is the BEST evidence of senior management review of IT performance?

Question63: Which of the following Is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

Question64: A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?

Question65: An organization outsourced its IS functions. To meet its responsibility for disaster recovery, the organization should:

Question66: An IS auditor finds that one employee has unauthorized access to confidential dat a. The IS auditor's BEST recommendation should be to:

Question67: An employee has accidentally posted confidential data to the company's social media page. Which of the following is the BEST control to prevent this from recurring?

Question68: Which of the following could be used to evaluate the effectiveness of IT operations?

Question69: Performance monitoring tools report that servers are consistently above the recommended utilization capacity. Which of the following is the BEST recommendation of the IS auditor?

Question70: Categories for classifying an organization's data are BEST determined based on which of the following?

Question71: Which of the following would BEST help management maintain a current and effective business continuity plan (BCP)?

Question72: An IS auditor reviewing the acquisition of new equipment would consider which of the following to be a significant weakness?

Question73: An IT department is unaware of spreadsheets and databases that have been created by business end users to support their respective operations Which of the following is the GREATEST risk in this situation?

Question74: Which of the following presents the GREATEST concern when implementing data flow across borders?

Question75: During the review of an organization's software development process, which of the following would be the IS auditor's GREATEST concern related to software security coding testing?

Question76: An IS audit of an organization's data classification policies finds some areas of the policies may not be up-to-date with new data privacy regulations What should management do FIRST to address the risk of noncompliance?

Question77: In a database management system (DBMS) normalization is used to:

Question78: Which of the following may be adversely affected when thin client architecture is introduced?

Question79: The application systems quality assurance (QA) function should:

Question80: An IS auditor Is asked to review an organization's data backup and storage Infrastructure after a recent business outage Which of the following is the BEST "commendation to ensure data is continuously and instantly replicated?

Question81: What is the PRIMARY objective of implementing data classification?

Question82: Which of the following is an example of a corrective control?

Question83: Which of the following is MOST important for an IS auditor to determine when reviewing how the organization's incident response team handles devices that may be involved in criminal activity?

Question84: Which of the following provides the BEST indication that IT key performance indicators (KPls) are Integrated into management practices?

Question85: An organization is including a client side software component of a Software as a Service (SaaS) solution as part of its standard PC age To protect the organization against copyright infringement, what is MOST important for the IS auditor to ensure?

Question86: Which of the following would be the MOST efficient audit approach, given that a compliance-based approach was adopted in the previous year?

Question87: Segregation of duties would be compromised if:

Question88: Which of the following reflects inadequate segregation of duties?

Question89: Which of the following attacks would MOST likely result in the interception and modification or traffic for mobile phones connecting to potentially insecure public Wi-Fi networks?

Question90: Which of the following entities is BEST suited to define the data classification levels within an organization?

Question91: During a review of operations, it is noted that during a batch update, an error was detected and the database initiated a roll-back. An IT operator stopped the roll-back and re-initiated the update. What should the operator have done PRIOR to re-initiating the update?

Question92: An IS audit had identified that default passwords for a newly implemented application were not changed. During the follow-up audit which of the following would provide the BEST evidence that the finding was effectively addressed?

Question93: Which of the following is the BEST indication of a mature quality management system (QMS)?

Question94: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor s NEXT course of action?

Question95: When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:

Question96: A financial services organization has just been granted a banking license. Which of the following is MOST important for the organization to ensure when updating its IT security policy?

Question97: What is the PRIMARY reason for conducting a risk assessment when developing an annual IS audit plan?

Question98: Which of the following reports can MOST effectively be used to analyze a systems performance problem?

Question99: Coding standards provide which of the following?

Question100: Which should be reviewed FIRST by an IS auditor To ensure that data Is being secured appropriately for an application?

Question101: Which of the following is the BEST way to transmit documents classified as confidential over the Internet?

Question102: A sales representative is reviewing the organization's feedback blog and gets redirected to a site that sells illegal prescription drugs. The blog site is MOST likely susceptible to which of the following types of attacks?

Question103: When removing a financial application system from production, which of the following is MOST important?
D18912E1457D5D1DDCBD40AB3BF70D5D

Question104: Which of the following methods should be used to purge confidential data from write-once optical media?

Question105: An IS auditor is reviewing IT policies and found that most policies have not been reviewed in over 3 years. The MOST significant risk is that the policies do not reflect.

Question106: A previously agreed-upon recommendation was not implemented because the auditee no longer agrees with the original finding. The IS auditor's FIRST course of action should be to:

Question107: Which of the following will enable a customer to authenticate an online Internet vendor?

Question108: During an annual audit an IS auditor finds there is no written department and users The auditor's FIRST step should be to:

Question109: An IS auditor should ensure that an application's audit trail:

Question110: the use of a cloud service provider to obtain additional computing power needed tor software development and testing Which of the following service models is MOST appropriate in tins situation?

Question111: Which of the following could provide an organization with the fastest resumption of processing following a disk failure?

Question112: An IS auditor notes that nightly hatch processing is frequently incomplete for an application. The auditor should FIRST review controls over which of the following?

Question113: After discussing findings with an auditee, an IS auditor is required to obtain approval of the report from the CEO before issuing it to the audit committee. This requirement PRIMARILY affects the IS auditor's:

Question114: Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years. Which of the following should the IS auditor recommend to BEST address this situation?

Question115: Which of the following is the BEST method to assess the adequacy of security awareness in an organization?

Question116: The BEST data backup strategy for mobile users is to:

Question117: Which of the following should be performed FIRST when preparing to deploy a major upgrade to a critical online application?

Question118: Which of the following BEST enables an IS auditor to determine whether an enterprise architecture (EA) adequately supports the enterprise's business strategy?

Question119: The process of applying a hash function to a message, and obtaining and ciphering a digest refers to:

Question120: An IS auditor reviewing a new application for compliance with information privacy principles should be MOST concerned with:

Question121: Which of the following is the BEST way to achieve high availability and fault tolerance for an e-business system?

Question122: Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?

Question123: A start-up organization is expecting to leverage application components provided by different software vendors and to scale up rapidly. Which of the following enterprise IT architectures would BEST ensure that the organization can easily add and reuse components to deliver its own services?

Question124: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?

Question125: An IS auditor observed a lack of compliance with a documented control and rated the noncompliance as a high-risk finding. The auditee has challenged the rating, stating the noncompliance is low-risk. Which of the following is the auditor's BEST course of action?

Question126: In a typical system development life cycle (SDLC), which group is PRIMARILY responsible tor confirming compliance with requirements?

Question127: Which of the following should be of MOST concern to an IS auditor evaluating a forensics program?

Question128: An IS auditor determines that a business impact analysis (BIA) was not conducted during the development of a business continuity plan (BCP). What is the MOST significant risk that could result from this situation?

Question129: Which of the following is the PRIMARY criterion for identifying an incident severity level?

Question130: An IS audit team is planning to rely on a system-generated report to reduce the substantive procedures they will need to perform. Which of the following procedures should the IS auditor perform to verify the completeness of the report?

Question131: An external attacker spoofing an internal Internet protocol (IP) address can BEST be detected by which of the following?

Question132: Which of the following is the MOST effective control In an organization to mitigate the risk of insider misuse of personal devices?

Question133: An IS auditor is preparing a data set for a data analytics project. The data will be used to benchmark a new computer-assisted audit technique (CAAT) tool being developed. Which of the following will help to ensure the data cannot be identified?

Question134: Which of the following reports would BEST assist an IS auditor evaluating the effectiveness of preventive maintenance?

Question135: Which of the following is the MOST important control to help minimize the risk of data leakage from calls made to a business-to-business application programming interface (API)?

Question136: While performing a risk-based audit, which of the following would BEST enable an IS auditor to identify and category risk?

Question137: An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?

Question138: Which of the following activities is MOST important to consider when conducting IS audit planning?

Question139: An organization has fully outsourced its email functions to a third-party cloud service provider Which of the following is the MOST Important responsibility of the IT unit supporting this function9

Question140: To preserve chain-of-custody following an internal server compromise, which of the following should be the FIRST step?

Question141: Which of the following is the BEST indicator of a mature quality management system (QMS)?

Question142: An organization's IT security policy states that user ID's must uniquely identify individual's and that user should not disclose their passwords. An IS auditor discovers that several generic user ID's are being used. Which of the following is the MOST appropriate course of action for the auditor?

Question143: When reviewing capacity monitoring, an IS auditor notices several incidents where storage capacity limits were reached, while the average utilization was below 30% Which of the following is MOST likely the root cause?

Question144: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question145: A subsidiary company uses macro-enabled spreadsheets to convert reporting from Its finance system to upload journals to the parent company's finance system What Is the GREATEST potential risk In this scenario?

Question146: Which of the following is the BEST recommendation for the establishment of an information security policy?

Question147: Which of the following is an advantage of using electronic data interchange (EDI)?

Question148: Which of the following is the BEST method to secure credit card information displayed by an application used by both customer service representatives and fraud analysts'

Question149: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor s BEST recommendation to facilitate compliance with the regulation?

Question150: During an IS audit the auditor identifies significant delays in granting computer access to new employees. Which of the following should be reviewed FIRST to determine the root cause?

Question151: Which of the following would provide the BEST evidence of the adequacy of firewall rules?

Question152: A multinational organization is integrating its existing payroll system with a human resource information system. Which of the following should be of GREATEST concern to the IS auditor?

Question153: An IS auditor follows up on a recent security incident and finds the incident response was not adequate. Which of the following findings should be considered MOST critical?

Question154: Which of the following cloud computing models should an organization adopt if faced with challenges in capacity planning and software maintenance?

Question155: Which of the following could an IS auditor recommend to improve the estimated resources required in system development?

Question156: Which of the following is MOST important for an IS auditor to consider when evaluating an organization's effectiveness in mitigating Internal fraud risk?

Question157: An IS auditor is reviewing the upgrading of an operating system. Which of the following would be the GREATEST audit concern?

Question158: The PRIMARY purpose for an IS auditor to review previous audit reports during the planning phase of a current audit is to:

Question159: Which of the following is MOST important for an IS auditor to verify during a disaster recovery audit?

Question160: The IS auditor's PRIMARY role in control self-assessment (CSA) is to:

Question161: An IS auditor is reviewing a small organization's business continuity and disaster recovery plans Which of the following findings would pose the GREATEST concern?

Question162: A retirement system verifies that the field for employee status has either a value of A (for active) or R (for retired). This is an example of which type of check?

Question163: Which of the following should be used to assess the level of security required to protect information on a corporate network?

Question164: An organization has purchased a replacement mainframe computer to cope with the demands of increased business. Which of the following should be the PRIMARY concern of an IS auditor?

Question165: Which of the following is a reason for implementing a decentralized IT governance model?

Question166: An organization has recently acquired another organization. When reviewing both IS departments, the IS auditor discovers two redundant IT applications. Which of the following would be the auditor's BEST recommendation for management?

Question167: Which of the following is a benefit of requiring management to issue a report to stakeholders regarding the internal controls over IT?

Question168: Which of the following roles is ULTIMATELY accountable for the protection of an organization s information?

Question169: Which of the following methods should be used to effectively erase sensitive data from portable storage devices that are to be reused?

Question170: When physical destruction is not practical, which of the following is the MOST effective measure of disposing of sensitive data on a hard disk?

Question171: An IS auditor is evaluating a virtual server environment and learns that the production server, development server, and management console are housed in the same physical host. What should be the auditor's PRIMARY concern?

Question172: An organization wants to reuse company-provided smartphones collected from staff leaving the organization. Which of the following would be the BEST recommendation?

Question173: Which of the following is found in an audit charter?

Question174: What is the PRIMARY reason for including a clause requiring source code escrow in an application vendor agreement?

Question175: An IS auditor is planning a risk-based audit of the human resources department. The department uses separate systems for its payroll, training and employee performance review functions. What should the IS auditor do FIRST before identifying the key controls to be tested?

Question176: A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

Question177: The IS security group is planning to implement single sign-on. What is the IS auditor's PRIMARY concern?

Question178: The GREATEST benefit of using a prototyping approach in software development is that it helps to:

Question179: Which of the following is BEST addressed when using a timestamp within a digital signature to deliver sensitive financial information?

Question180: A system undergoing acceptance testing is still subject to programming changes. This should have been prohibited in the acceptance test strategy through specifications of:

Question181: select a sample for testing, which must include the 80 largest client balances and a random sample of the rest, the IS auditor should recommend:

Question182: The PRIMARY purpose of a precedence diagramming method in managing IT projects is to:

Question183: Which of the following is the MOST critical element impacting the success of an information security program?

Question184: Which of the following controls BEST mitigates the impact of a distributed denial of service (DDoS) attack against the controller in a softwaredefined network (SDN)?

Question185: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question186: Which of the following projects would be MOST important to review in an audit of an organizations financial statements?

Question187: During an internal review of the system development life cycle management an IS auditor finds that customer production data has Been displayed m the user acceptance testing (UAT) environment. Which of the following is the auditor's BEST recommendation''

Question188: Which combination of access controls provides the BEST physical protection for a server room?

Question189: Which of the following is the BEST audit technique to identify fraudulent activity in a transaction processing system?

Question190: An IS auditor is assessing a recent migration of mission critical applications to a virtual platform. Which of the following observations poses the GREATEST risk to the organization?

Question191: What is the BEST strategy to prioritize work when planning a follow-up audit?

Question192: A business area has Been experiencing an ongoing Issue with a key business application. The Issue has been reported to. and resolved by. the help desk each time but continues to occur. This situation Is MOST likely caused by a weakness within which of the following processes?

Question193: When auditing the closing stages of a system development project, which of the following should be the MOST important consideration?

Question194: Which of the following is the PRIMARY responsibility of an information owner?

Question195: Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?

Question196: Which of the following should an IS auditor be MOST concerned with when a system uses ratio frequency identification (RFID)?

Question197: A multinational company wants to establish a mandatory global standard for information security including data protection and privacy. Which of the following should be the GREATEST concern to an IS auditor?

Question198: Which of the following is the MOST important factor when an organization is developing information security policies and procedures?

Question199: Which of the Which is the MOST effective control to reduce the risk of information leakage through social media'?

Question200: An IS auditor is conducting a project review for the implementation of a new business application. Which of the following provides the GREATEST assurance that the implementation meets business objectives?

Question201: Which of the following findings would be of GREATEST concern when reviewing a business impact analysis (BIA)?

Question202: An organization has contracted with a third party to implement and configure a new accounting application. Once the application is implemented, in-house staff will provide all application support and maintenance. Which of the following is MOST important to the success of this initiative?

Question203: Information security awareness programs in a large organization should be:

Question204: A database audit reveals an issue with the way data ownership for client data is defined. Which of the following roles should be accountable for this finding?

Question205: Which of the following should be the PRIMARY reason to establish a social media policy for all employees?

Question206: An IS auditor previously worked in an organization s IT department and was involved with the design of the business continuity plan (BCP). The IS auditor has now been asked to review this same BCP. The auditor should FIRST.

Question207: While reviewing transactions, an IS auditor discovers inconsistencies in a relational database Which of the following would be the auditor's BEST recommendation?

Question208: A legacy application is running on an operating system that is no longer supported by the vendor. If the organization continues to use the current application, which of the following should be the IS auditor's GREATEST concern?

Question209: Using development and operations (DevOps) processes an organization's IT department has automated the process of replacing application programming interlaces (APIs) m production with new versions. Which of the following controls would BEST reduce the risk of vulnerabilities in this situation?

Question210: An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:

Question211: Which of the following would be considered a corrective control when designing the security of a data center?

Question212: Which of the following poses the GREATEST risk to data security and integrity in a cloud environment?

Question213: An organization is planning to develop a system using rapid application development (RAD) in order to meet quick turnaround times. Which of the following is the GREATEST potential risk associated with this type of application development?

Question214: The BEST reason for implementing a virtual private network (VPN) is that it:

Question215: An organization plans to migrate some applications to an externally hosted data center However, the service provider has indicated that it does not provide assurance reports over controls in the data center. What would be an IS auditor's BEST recommendation to management in the absence of a third-party assurance report?

Question216: An advantage of object-oriented system development is that it:

Question217: Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist withing the organization?

Question218: Which of the following is the MOST important feature of access control software?

Question219: Both statistical and nonstatistical sampling techniques:

Question220: Which of the following is the MOST effective control to restrict the use of instant messaging (IM) within an organization?

Question221: Which of the following would be MOST useful to an IS auditor confirming that an IS department meets its service level agreements (SLAs)

Question222: An IS auditor is asked to review a large organization's change management process. Which of the following practices presents the GREATEST risk?

Question223: For an application system with a large master Tile and a small transact ion-activity file, the MAIN benefit in changing from full transaction file backups to incremental backups would be

Question224: When assessing a business case as part of a post-implementation review, the IS auditor MUST ensure that the:

Question225: Loss-site scripting (XSS) attacks are BEST prevented through:

Question226: Which of the following is the MOST appropriate responsibility of an IS auditor involved in a data center renovation project?

Question227: An organization s audit charter PRIMARILY:

Question228: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

Question229: A 5 year audit plan provides for general audits every year and application audits on alternating years. To achieve higher efficiency, the IS audit manager would MOST likely:

Question230: Which of the following is MOST important for the successful establishment of a security vulnerability management program?

Question231: Which of the following access rights in the production environment should be granted to a developer to maintain segregation of duties?

Question232: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program?

Question233: Which of the following stakeholders is accountable for control evaluations during a control self-assessment (CSA)?

Question234: When continuous monitoring systems are being implemented, an IS auditor should FIRST identify

Question235: An organization's sensitive data is stored in a cloud computing environment and is encrypted. Which of the following findings should be of GREATEST concern to an IS auditor?

Question236: Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?

Question237: During a "clean desk" audit, a USB flash drive labeled "confidential" was found on the desk of a terminated employee. Which of the following would be the BEST way to safety review its contents?

Question238: An IS auditor finds multiple situations where the help desk resolved security incidents without notifying IT security as required by policy. Which of the following is the BEST audit recommendation?

Question239: Which of the following controls should be implemented to BEST minimize system downtime for maintenance?

Question240: Which of the following observations should be of MOST concern to an IS auditor evaluating an IT security team's incident handling practices?

Question241: The results of an IS audit indicating the need to strengthen controls has oeen communicated to the appropriate stakeholders Which of the following is the BEST way for management to enforce Implementation of the recommendations?

Question242: Which of the following findings is the GREATES concern when reviewing a disaster recovery plan (DRP) with high availability requirements?

Question243: Which of the following should be the MOST important consideration when prioritizing IS audit activities

Question244: An IS auditor is performing a post-implementation review of a system deployed two years ago Which of the following findings should be of MOST concern to the auditor?

Question245: Which of the following is the BEST control to detect errors in an accounts payable system?

Question246: When engaging services from external auditors, which of the following should be established FIRST?

Question247: An IS auditor Is reviewing a complete population of incidents to assess an organization's incident management process. Which of the following observations should be the IS auditor's GREATEST concern?

Question248: While reviewing a hot site, the IS auditor discovers that one type of hardware platform is not installed. The IS auditor should FIRST

Question249: An IS auditor finds that confidential company data has been inadvertently leaked through social engineering. The MOST effective way to help prevent a recurrence of this issue is to implement:

Question250: Which of the following is the KST source of information for assessing the effectiveness of IT process monitoring?

Question251: The PRIMARY benefit of using secure shell (SSH) to access a server on a network is that it:

Question252: Which of the following roles is responsible for validating compliance with the agreed-upon systems development methodology during the development of a new system?

Question253: The information security function in a large organization is MOST effective when:

Question254: Which of the following should an IS auditor recommend to reduce the likelihood of potential intruders using social engineering?

Question255: Which of the following is the PRIMARY reason for an IS auditor to issue an interim audit report?

Question256: Following Pie last external review, the audit client implemented an advanced data storage solution Which of the following is MOST important to include in the audit scope?

Question257: The lack of which of the following represents the GREATEST risk to the quality of developed software?

Question258: Of the following, who is BEST suited to establish an organization's risk tolerance?

Question259: An IS auditor has been asked to advise on the design and implementation of IT management best practices Which of the following actions would impair the auditor's independence?

Question260: Which of the following security mechanisms should be used to prevent disclosures of personally identifiable information (PH) when performing data analytics?

Question261: A software development project has had a significant scope reduction. Which of the following is the MOST important action for the IS auditor to perform in this situation?

Question262: A potential risk of executing a program on an Internet site is that it may:

Question263: Which of the following MOST effectively mitigates the impact of a major ransom ware attack?

Question264: planning an end-user computing (EUC) audit, it is MO ST important for the IS auditor to

Question265: Who is PRIMARILY responsible for data integrity and security when implementing a new application?

Question266: When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?

Question267: Which of the following IT resource management practices is MOST Important for an IS auditor to verify when evaluating third-party outsourcing relationships?

Question268: An external audit team is deciding whether to rely on internal audits work for an annual compliance audit Which of the following Is the GREATEST consideration when making this decision?

Question269: An IS auditor notes that several of a client's servers are vulnerable to attack due to open unused ports and protocols. The auditor recommends management implement minimum security requirements. Which type of control has been recommended?

Question270: An organization uses a web server hosting critical applications. Which of the following would represent the HIGHEST risk regarding the availability and integrity of the web server?

Question271: Which of the following Is the MOST important consideration when Investigating a security breach of an e-commerce application?

Question272: When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review;

Question273: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question274: IS management has decided to replace the current single-server-based local area network (LAN) with three interconnected servers running different operating systems. Existing applications and data on the old server have been exclusively distributed on the new servers. This will MOST likely result in:

Question275: Which of the following BEST helps to ensure system resiliency for a business application that processes high-volume and real-lime retail transactions?

Question276: An IS audit manager has been advised that hackers have entered the company's e-commerce server a number of times m the past month The IS audit group does not have the expertise necessary to investigate this situation The IS audit manager should

Question277: An IS auditor learns an organization does not perform full disaster recovery (DR) testing because past tests nave confirmed that all critical systems can individually be recovered within four hours, in line with business requirements. Which of the following should be the auditor's GREATEST concern''

Question278: The purpose of data migration testing is to validate data:

Question279: Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?

Question280: During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be performed by the organization's information security team?

Question281: An auditor is creating an audit program in which the objective is to establish the adequacy of personal data privacy controls in a payroll process. Which of the following would be MOST important to include?

Question282: An IS auditor is following upon a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?

Question283: Which of the following audit procedures would be MOST conclusive in evaluating the effectiveness of an e-commerce application system's edit routine?

Question284: An IS auditor finds an IT department does not perform periodic discovery of hardware and software deployed in an environment. What is the GREATEST associated risk'

Question285: Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

Question286: What is the BEST way for an IS auditor to address the risk associated with over-retention of personal data after identifying a large number of customer records retained beyond the retention period defined by law?

Question287: Which of the following system deployments requires the cloud provider to assume the widest range of responsibilities for data protection?

Question288: Which of the following would BEST indicate the independence of the internal audit function?

Question289: Which of the following concerns is BEST addressed by securing production source libraries?

Question290: During a post-implementation review, a step in determining whether a project met user requirements is to review the:

Question291: A small startup organization does not have the resources to implement segregation of duties. Which of the following would be the MOST effective compensating control?

Question292: An IS auditor discovers instances where software with the same license key is deployed to multiple workstations, in breach of the licensing agreement. Which of the following is the auditor's BEST recommendation?

Question293: What type of control is being used when an organization publishes standards and procedures for vulnerability management?

Question294: An IT department installed critical patches provided by the vendor to HR production servers. Immediately after the installation was completed, the HR department called to report that none of its users could access the system, what should be the IT department's FIRST step in addressing this issue?

Question295: Invoking a business continuity plan (BCP) is demonstrating which type of control?

Question296: Which of the following Is MOST important for successful Incident response?

Question297: Which of the following should be performed immediately after a computer security incident has been detected and analyzed by an incident response team?

Question298: Which of the following reliably associates users and their public keys and Includes attributes that uniquely identify the users?

Question299: Which of the following functions is MOST likely to be performed by an operating system utility residing on a web server?